Denial of Service Vulnerability in VMware Products
CVE-2008-1340

Currently unrated

Key Information:

Vendor: Vmware
Status: Ace; Player; Workstation; Vmware Workstation
Vendor: CVE Published:; 20 March 2008

Summary

The Virtual Machine Communication Interface (VMCI) in VMware products, including Workstation, Player, and ACE, contains a vulnerability that allows attackers to exploit specific crafted VMCI calls. This exploitation can lead to memory exhaustion and memory corruption, ultimately resulting in a denial of service that crashes the host operating system. Users of VMware versions prior to the specified updates are at risk and should apply necessary patches to mitigate this vulnerability.

References

http://security.gentoo.org/glsa/glsa-201209-25.xml

vendor-advisoryx_refsource_GENTOO

http://securityreason.com/securityalert/3755

third-party-advisoryx_refsource_SREASON

https://exchange.xforce.ibmcloud.com/vulnerabilities/41250

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Mar 20, 2008
Vulnerability Reserved
Mar 14, 2008